Chrome 49

SWIFT Heist

A bank robbery was, I can't really say foiled, but at least stopped when someone at Deutsche Bank detected a spelling mistake in a SWIFT transaction and asked for clarification. It turns out the modern-day Bonnie and Clyde had already made off with 80M USD. They were stopped from making off with the other 850M USD that was planned, though.

Java

ISIS

Seems like there is some dissent in the ranks of ISIS: a member of ISIS defected this week, taking with him a USB key containing the names of 22K members, which he promptly handed over to the media and which is now in the hands of the authorities. It also contained a file called martyrs with the names of potential suicide attackers. It all seems a little too easy by my way of thinking.

Labour

The libotr library has exposed a number of Internet messaging applications to buffer overflow attacks. The library is used to encrypt communications and can be found in Pidgin, Adium and ChatSecure.

Locky Ransomware

Researchers are seeing an enormous spam campaign that is distributing the Locky ransomware by means of JavaScript attachments. Usually, less than 2% of spam contains malware; however, there has been a recent increase to 18%.

SAP

SAP has released patches for 28 vulnerabilities in a number of its products. These include cross-site scripting issues, information disclosure issues and authorization check issues, to mention just a few.

Samsung

Samsung urges its Windows laptop users to download a fix for a man-in-the-middle (MITM) vulnerability. The vulnerability was in the Samsung Software Update Tool and could allow an attacker to download files to the machine and then take complete control of the system.

BIND

The ISC released updates for BIND to fix three high-severity denial-of-service (DoS) vulnerabilities. They are related to the parsing of DNAME records, control channel input handling and cookie options being used to terminate named.